all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Technical Advisory: Sonos Era 100 Secure Boot Bypass Through Unchecked setenv() call

Add to bookmarks
Dec. 4, 2023, 10:26 a.m. | Alex Plaskett

NCC Group Research Blog research.nccgroup.com

Vendor: Sonos Vendor URL: https://www.sonos.com/ Versions affected: * Confirmed 73.0-42060 Systems Affected: Sonos Era 100 Author: Ilya Zhuravlev Advisory URL: Not provided by Sonos. Sonos state an update was released on 2023-11-15 which remediated the issue. CVE Identifier: N/A Risk: High Summary Sonos Era 100 is a smart speaker released in 2023. A vulnerability exists […]

hardware & embedded systems technical advisories vulnerability research

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Sifting through the spines: identifying (potential) Cactus ransomware victims 1 week, 4 days ago | research.nccgroup.com
access blog cactus cactus ransomware +17
Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis 3 weeks, 2 days ago | research.nccgroup.com
analysis architecture confidential data +19
Non-Deterministic Nature of Prompt Injection 3 weeks, 3 days ago | research.nccgroup.com
attack easy explained exploiting +10
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) 3 weeks, 6 days ago | research.nccgroup.com
access advisory api attack +24
Public Report – Google Privacy Sandbox Aggregation Service and Coordinator 1 month, 1 week ago | research.nccgroup.com
aggregation companies google google privacy sandbox +16
Android Malware Vultur Expands Its Wingspan 1 month, 1 week ago | research.nccgroup.com
android android banking malware android malware authors +18
LTair: The LTE Air Interface Tool 1 month, 3 weeks ago | research.nccgroup.com
air attacks blog blog post +14
The Development of a Telco Attack Testing Tool 1 month, 3 weeks ago | research.nccgroup.com
attack blog challenges development +13
Public Report – AWS Nitro System API & Security Claims Italian 2 months ago | research.nccgroup.com
amazon amazon web services api apis +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

PMO Cybersécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Third Party Risk Management - Consultant

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Consultant Cyber Sécurité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com

Information Security Compliance Analyst

@ KPMG Australia | Melbourne, Australia
View on infosec-jobs.com

GDS Consulting - Cyber Security | Data Protection Senior Consultant

@ EY | Taguig, PH, 1634
View on infosec-jobs.com

Senior QA Engineer - Cloud Security

@ Tenable | Israel
View on infosec-jobs.com
View more jobs